Skip to content
Snippets Groups Projects
Commit b7064e28 authored by Bob Vincent's avatar Bob Vincent Committed by Raphaël Pinson
Browse files

Ensure that map files are not globally readable by default.

parent a8b52cf4
No related branches found
No related tags found
No related merge requests found
......@@ -28,6 +28,7 @@ define postfix::hash (
Enum['present', 'absent'] $ensure='present',
Variant[Array[String], String, Undef] $source=undef,
Variant[Array[String], String, Undef] $content=undef,
Variant[String[4,4], Undef] $mode='0640',
) {
include ::postfix::params
......@@ -47,6 +48,7 @@ define postfix::hash (
content => $content,
type => 'hash',
path => $name,
mode => $mode,
}
Class['postfix'] -> Postfix::Hash[$title]
......
......@@ -11,7 +11,8 @@
# [*source*] - file source.
# [*type*] - type of the postfix map (valid values are cidr, pcre, hash...)
# [*path*] - path of the created file. By default it is placed in the
# postfix directory
# postfix directory.
# [*mode*] - mode of the created file. By default it is '0640'.
#
# === Requires
#
......@@ -32,6 +33,7 @@ define postfix::map (
Variant[Array[String], String, Undef] $content = undef,
String $type = 'hash',
Stdlib::Absolutepath $path = "/etc/postfix/${name}",
String[4,4] $mode = '0640'
) {
include ::postfix::params
......@@ -61,7 +63,7 @@ define postfix::map (
content => $content,
owner => 'root',
group => 'postfix',
mode => '0644',
mode => $mode,
require => Package['postfix'],
notify => $manage_notify,
}
......@@ -72,7 +74,7 @@ define postfix::map (
path => "${path}.db",
owner => 'root',
group => 'postfix',
mode => '0644',
mode => $mode,
require => [File["postfix map ${name}"], Exec["generate ${name}.db"]],
}
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment